Security Testing

Our specialized set of security testing services covers every facet of an organization’s digital enterprise.

Our offerings include:

Static Application Security Testing

Our security code review process tests the security of the application from the inside out – i.e. by examining the source code as per defined standards. We carry out manual and automated analysis of your critical application's source code as well as examining the compiled form of the application in run-time environment.

Dynamic Application Security Testing

During dynamic security testing process, an application is tested and evaluated at run-time in order to find security vulnerabilities. Here we ensure that we test the application from a 360 degree view to identify internal & external facing threats.

Penetration Testing

In this service, our primary goal is to not only identify vulnerabilities, but to exploit them, in a controlled manner, to penetrate deep within your organization's environment. The aim is to validate the efficiency of your organization's layered defensive controls, as well as end-user's adherence to security policies.

Cloud Security Testing

With more businesses using cloud platforms, as the ‘back end’ infrastructure of their application deployments, there comes a need to look at new methods of security. Traditional security controls alone won’t be effective ensuring that their sensitive data is protected in cloud environments. Our cloud security testing services are designed to help you gain an in-depth understanding of the current state of your cloud solution's security controls, mechanisms and architecture.

Infrastructure Security Testing

As part of Infrastructure Security Testing, our primary intention is to uncover vulnerabilities in your organization’s IT Infrastructure devices and systems. Our test encompasses perimeter security devices, servers, OS platforms, network devices and any other critical infrastructure components in your environment.

Product Security Testing

This service consists of pre-certification assessments, certification support services and product security evaluation. For product security and official security certificate, evaluation is carried in our licensed laboratory, for e.g. Common Criteria procedure (ISO 15408).

Mobile Security Testing

With the growing mobile application market and the potential risks associated along, we at Capgemini help in identifying these threats and find suitable remediation’s. We extend our service to application that is mobile Web-based, Native and Hybrid variants belonging to all the leading platforms such as iOS, Android, Windows and Blackberry.

Pre-Compliance Readiness Testing

Pre-Compliance Readiness Testing provides a way to ensure your organization's compliance the territorial regulatory compliance along with process standardization. Our experts in Capgemini can carry out information security compliance checks against compliance requirements like PCI DSS, SOX and HIPAA.

Vulnerability Remediation Services

In our experience, there is a vast gap between the technical vulnerability reports, the development teams and the business teams who decide the business impact. Our Vulnerability Remediation service precisely answers this gap – our techno-functional security experts will not only understand the technical risks arising out of these vulnerabilities, but also map out the business impact and also be involved with the development teams to ensure the vulnerability is fixed. Our team will also suggest work-around solutions to temporarily prevent anyone from exploiting any critical vulnerabilities.